Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          3UOOa7FWwlGrKHxVQfXjwxBry/9jTqZ6mFVlTcSuU/0=
Subject key identifier:   E1:35:13:49:C8:A7:03:8D:98:EA:EB:46:D1:09:AF:0C:3F:40:D5:43
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019893A4146B275062D8D501BD8630F633B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          1625
Signing time:             Sun 10 Aug 2025 11:01:00 +0000
Manifest this update:     Sun 10 Aug 2025 11:01:00 +0000
Manifest next update:     Mon 11 Aug 2025 11:01:00 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: nAhbxCwLfJnntLa0Oes2IqwJevGdfE/HdqPVA+WcSeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 08:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:93:a4:14:6b:27:50:62:d8:d5:01:bd:86:30:f6:33:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Aug 10 11:01:00 2025 GMT
            Not After : Aug 11 11:01:00 2025 GMT
        Subject: CN=e1351349c8a7038d98eaeb46d109af0c3f40d543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bf:59:ce:da:23:31:c0:e8:95:a3:80:1c:d0:
                    bb:b3:d4:9a:1b:68:94:e2:72:e4:06:53:44:6d:34:
                    83:b7:39:36:95:84:12:49:41:15:cd:35:26:77:75:
                    24:07:65:71:ee:fc:99:78:20:4f:52:64:72:18:70:
                    e7:9b:94:b2:ba:de:2b:0e:54:f6:0e:f7:67:b3:4d:
                    d4:ca:c9:ea:fd:49:62:d5:95:9a:a8:50:24:be:d3:
                    0a:be:e1:ce:47:02:3a:91:8a:04:2f:d5:3d:06:70:
                    ba:29:fa:40:70:84:f2:51:3c:69:3d:ef:f9:76:eb:
                    cb:40:d5:6a:2a:38:74:27:76:10:42:b7:a1:16:1a:
                    ef:24:11:92:6e:74:5b:fa:bb:55:87:21:c1:1a:d6:
                    b2:ca:aa:3f:21:34:c7:cd:09:96:67:37:30:eb:f1:
                    c7:f3:3d:2c:2e:34:22:e8:b7:b8:e1:d1:2e:a7:4a:
                    eb:7a:9d:0f:38:0f:d7:47:10:de:c1:17:c0:b7:df:
                    d6:a3:ff:f0:0f:83:06:d1:ee:8b:a3:8e:8f:3d:a8:
                    80:34:b3:7f:8a:e9:0f:89:c7:f7:c2:0f:53:db:b6:
                    7f:72:d1:46:b0:1d:69:cf:5c:4a:87:21:8f:86:16:
                    54:2f:82:43:39:c9:18:c6:08:f0:94:ec:7c:e1:5a:
                    a0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:35:13:49:C8:A7:03:8D:98:EA:EB:46:D1:09:AF:0C:3F:40:D5:43
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:cf:be:7c:73:d7:0b:3d:f4:37:d0:55:a2:8a:34:94:55:e7:
         80:53:92:d7:4e:f4:ba:37:c6:86:69:93:73:ab:a2:1e:fc:38:
         6d:0a:4c:a4:eb:5c:2e:c9:97:b4:7a:41:e4:52:d5:87:35:17:
         9d:74:20:87:83:f1:9e:bc:0b:89:b7:7b:f4:43:4a:60:d4:c5:
         85:d8:a0:04:d7:c5:b7:78:e5:7d:b3:fc:c3:6d:4c:aa:7c:97:
         7d:7d:5a:7f:70:60:b4:8b:e5:dd:45:66:74:be:fa:8a:cc:68:
         00:c1:b3:57:e6:e9:9c:04:d2:90:3e:27:a6:53:cc:6d:7d:f2:
         7d:77:3a:d9:ca:83:78:9e:af:d5:68:f7:73:0b:9f:f4:fd:8a:
         88:11:af:fc:1a:be:36:ec:6d:fe:00:fe:48:39:70:13:d2:e6:
         9d:c6:45:60:45:c9:2d:ac:4f:1d:bd:85:05:94:a2:bb:58:71:
         2f:63:e0:9f:a9:09:e5:55:25:b5:6f:33:5a:ae:25:62:c3:04:
         12:9e:37:4b:34:9b:dd:67:c9:65:d8:44:e3:7d:4a:d2:0e:20:
         7d:05:94:40:10:e4:28:e2:b1:55:06:88:bd:a6:d6:9f:7d:13:
         51:9a:f4:57:43:74:f2:f6:30:59:3b:17:b9:32:19:b2:8f:9c:
         fe:0d:31:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTpBRrJ1Bi2NUBvYYw9jO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjUwODEwMTEwMTAwWhcNMjUwODExMTEwMTAwWjAzMTEwLwYDVQQD
EyhlMTM1MTM0OWM4YTcwMzhkOThlYWViNDZkMTA5YWYwYzNmNDBkNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl79ZztojMcDolaOAHNC7s9SaG2iU
4nLkBlNEbTSDtzk2lYQSSUEVzTUmd3UkB2Vx7vyZeCBPUmRyGHDnm5Syut4rDlT2
Dvdns03Uysnq/Uli1ZWaqFAkvtMKvuHORwI6kYoEL9U9BnC6KfpAcITyUTxpPe/5
duvLQNVqKjh0J3YQQrehFhrvJBGSbnRb+rtVhyHBGtayyqo/ITTHzQmWZzcw6/HH
8z0sLjQi6Le44dEup0rrep0POA/XRxDewRfAt9/Wo//wD4MG0e6Lo46PPaiANLN/
iukPicf3wg9T27Z/ctFGsB1pz1xKhyGPhhZUL4JDOckYxgjwlOx84VqgfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOE1E0nIpwONmOrrRtEJrww/QNVDMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALM++fHPX
Cz30N9BVooo0lFXngFOS1070ujfGhmmTc6uiHvw4bQpMpOtcLsmXtHpB5FLVhzUX
nXQgh4PxnrwLibd79ENKYNTFhdigBNfFt3jlfbP8w21MqnyXfX1af3BgtIvl3UVm
dL76isxoAMGzV+bpnATSkD4nplPMbX3yfXc62cqDeJ6v1Wj3cwuf9P2KiBGv/Bq+
Nuxt/gD+SDlwE9LmncZFYEXJLaxPHb2FBZSiu1hxL2Pgn6kJ5VUltW8zWq4lYsME
Ep43SzSb3WfJZdhE431K0g4gfQWUQBDkKOKxVQaIvabWn30TUZr0V0N08vYwWTsX
uTIZso+c/g0xhA==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:40:54 2025 by rpki-client